Public-key cryptography offers very strong protection for electronic communications. Much of its strength comes from the use of paired keys, which are separate (but mathematically related) codes that encrypt and decrypt a message; one key is public and one is known only to the recipient.

But hardly anyone uses public-key cryptography, because it's too much trouble. The recipient has to be prepared with both public and private keys, and the sender has to know or be able to find the recipient's public key. In most cases, this means that the sender must query a certificate authority to retrieve the target recipient's public key. Although this is simple within a company, senders outside the organization don't have any access to a central directory, so it's more difficult for them to send encrypted messages. Moreover, the process works only if the recipient has already decided to use it and has made a key available. And most people don't have public keys.

Definition

Identity-based encryption (IBE)is a form of public-key cryptography in which a third-party server uses a simple identifier, such as an e-mail address, to generate a public key that can be used for encrypting and decrypting electronic messages. Compared with typical public-key cryptography, this greatly reduces the complexity of the encryption process for both users and administrators. An added advantage is that a message recipient doesn't need advance preparation or specialized software to read the communication.

A Solution

One promising solution to these difficulties is called identity-based cryptography or identity-based encryption (IBE). In this process, which can be initiated by the sender, a unique identifier of the recipient (such as his e-mail address) is used to calculate a public key. A trusted third-party server, called the private-key generator, uses a cryptographic algorithm to calculate the corresponding private key from the public key. In this way, recipients can generate their own private keys directly from the server as needed, and they don't have to worry about distributing their public keys.

How IBE Works

The success of IBE depends upon the third-party IBE server that generates private keys. The only information this server stores permanently is a secret master key -- a large random number that is exclusive to the security domain. The server uses this key to create a common set of public-key parameters (including the server's address) that are given to each user who installs the IBE software, and recipients' private keys as required.

Pros and Cons of IBE

Pros

No certificates needed. A recipient's public key is derived from his identity.

No pre-enrollment required.

Keys expire, so they don't need to be revoked. In a traditional public-key system, keys must be revoked if compromised.

Cons

Requires a centralized server. IBE's centralized approach implies that some keys must be created and held in escrow -- and are therefore at greater risk of disclosure.

Requires a secure channel between a sender or recipient and the IBE server for transmitting the private key.

When a sender creates an encrypted message, the IBE software on his system uses three parameters to generate the public key for the message: a starting value, the current week number and the recipient's identity (normally the e-mail address). Because a calendar reference is included, the public key that is generated will automatically expire.

A user who receives an IBE-encrypted e-mail message but has not used the process before can request -- upon authentication -- a private key that allows him to decrypt all e-mails encrypted using his e-mail address as the public key.

Costs

Ferris Research looked at the costs of one commercial IBE system (from Voltage Security Inc. in Palo Alto, Calif.) and found that total cost of ownership of a typical system is one-third that of a typical public-key system.

QuickStudy Central

Want More?

Moreover, Ferris found that IBE required a far simpler infrastructure (meaning fewer servers and easier installation). Other findings showed that operating costs were one-fifth of those of public-key systems, and that IBE users were three times more productive than users of public-key cryptography.

Kay is a Computerworld contributing writer in Worcester, Mass. You can contact him at russkay@charter.net.